JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.183.131.196

172.183.131.196 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 52%: ?

52%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.183.131.196

Whois 172.183.131.196

IP Abuse Reports for 172.183.131.196:

This IP address has been reported a total of 12 times from 12 distinct sources. 172.183.131.196 was first reported on April 27th 2024, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-12 14:49:06 (4 days ago)	Blocked by UFW on MVI [8080/tcp] \| SPT: 12002 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [8080/tcp] \| SPT: 12002 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 iNetWorker	2026-06-12 14:31:16 (4 days ago)	firewall-block, port(s): 443/tcp, 2083/tcp, 2087/tcp	Port Scan
🇺🇸 sumnone	2026-06-12 12:03:16 (4 days ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
Anonymous	2026-06-12 11:59:56 (4 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇫🇷 Little Iguana	2026-06-12 11:52:44 (4 days ago)	trying to access non-authorized port	Port Scan
Anonymous	2026-06-12 11:51:15 (4 days ago)	vulnerabilities scan	Port Scan Hacking Web App Attack
🇫🇷 Baking333	2026-06-12 11:42:46 (4 days ago)	redacted:80 172.183.131.196 - - [12/Jun/2026:12:42:42 +0100] "GET /.env HTTP/1.1" 200 166 0/12339 "- ... show more redacted:80 172.183.131.196 - - [12/Jun/2026:12:42:42 +0100] "GET /.env HTTP/1.1" 200 166 0/12339 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" redacted:80 172.183.131.196 - - [12/Jun/2026:12:42:44 +0100] "GET /.[redacted] HTTP/1.1" 200 166 0/13437 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 11:23:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 172.183.131.196 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.183.131.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:23:41.829990 2026] [security2:error] [pid 559:tid 559] [client 172.183.131.196:12122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.121"] [uri "/.git/HEAD"] [unique_id "aivsPUKyktC76nWZ5IaKRwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 2048	2026-03-17 02:34:32 (3 months ago)	2026-03-17T03:34:29.475873+01:00 machodeer kernel: [1971688.222018] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-03-17T03:34:29.475873+01:00 machodeer kernel: [1971688.222018] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.183.131.196 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=2560 DF PROTO=TCP SPT=52303 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-03-17T03:34:30.536221+01:00 machodeer kernel: [1971689.282843] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.183.131.196 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=2561 DF PROTO=TCP SPT=52303 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-03-17T03:34:31.553828+01:00 machodeer kernel: [1971690.300449] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.183.131.196 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=2562 DF PROTO=TCP SPT=52303 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 Rayulcifer	2025-11-18 07:55:51 (6 months ago)	172.183.131.196 - - [18/Nov/2025:02:55:51 -0500] "CONNECT load.vmheaven.io:443 HTTP/1.1" 502 587 "-" ... show more 172.183.131.196 - - [18/Nov/2025:02:55:51 -0500] "CONNECT load.vmheaven.io:443 HTTP/1.1" 502 587 "-" "-" 172.183.131.196 - - [18/Nov/2025:02:55:51 -0500] "\x16\x03\x01" 400 491 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
Anonymous	2024-05-07 05:50:17 (2 years ago)	Excessive HTTP/HTTPS connections.	Bad Web Bot
🇺🇸 MHuiG	2024-04-27 00:31:00 (2 years ago)	The IP has triggered Cloudflare WAF. action: managed_challenge source: firewallCustom clientAsn: 807 ... show more The IP has triggered Cloudflare WAF. action: managed_challenge source: firewallCustom clientAsn: 8075 clientASNDescription: MICROSOFT-CORP-MSN-AS-BLOCK clientCountryName: US clientIP: 172.183.131.196 clientRequestHTTPHost: blog.mhuig.top clientRequestHTTPMethodName: GET clientRequestHTTPProtocol: HTTP/1.1 clientRequestPath: /feed clientRequestQuery: datetime: 2024-04-27T00:26:39Z rayName: 87aaaeaf6c75e259 ruleId: f4a2c940dd7944e58e72d246ea29b5af userAgent: Mozilla/5.0 (iPad; U; CPU OS 4_2_1 like Mac OS X; zh-cn) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Open Proxy VPN IP Port Scan Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.88

🇰🇷 112.184.47.98

🇨🇳 118.145.242.91

🇺🇸 104.168.115.241

🇳🇬 102.88.137.80

🇳🇱 45.134.225.130

🇮🇩 36.75.111.216

🇬🇧 35.177.218.207

🇫🇷 2001:41d0:303:34af::1

🇮🇳 223.184.163.73

🇸🇦 178.73.64.124

🇧🇷 177.200.152.224

🇺🇸 136.109.225.211

🇲🇾 115.135.234.221

🇺🇸 38.34.175.56

🇺🇸 20.12.202.181

🇨🇳 1.85.54.130

🇬🇧 2a06:4880:8000::aa

🇰🇷 218.150.184.241

🇨🇦 212.56.52.28